In this article we present a new model and method for anticipating attacks against the networked computing infrastructures for an organization. The model combines existing models for cyber-attack representation and attack planning, with a new approach at anticipating what tools (e.g., exploits) an unknown attacker may hold. This approach allows us to take statistical samples of exploits an attacker could hold. Combining attack simulation and attack planning with a sampling algorithm, we show that we are able to derive information that can be used to anticipate threats.
As a result, the model allows predictive risk assessments improving over older reactive models. We further present a software solution that implements this model by introducing a sampling algorithm and combining it with software for simulating attacks and automatically planning them. Finally, using this tool, we derive a mechanism to compute a security metric that describes which is the most fragile computer in the network.